The Defense Advanced Research Projects Agency (DARPA) has selected GrammaTech’s TECHx research team as a finalist in its Cyber Grand Challenge (CGC). The TECHx team, which includes collaborators from the University of Virginia, successfully beat off dozens of other competitors. The seven finalists will compete head-to-head at next year’s final event, where the contestants will vie for nearly $4 million in prizes as they strive to revolutionize cybersecurity practice. The goal of CGC is to automate cybersecurity defense by enabling computers to detect and repair software vulnerabilities fully automatically without the slightest human intervention.
Today’s attackers have the upper hand due to the adverse economics of the computer security challenge: attackers have the simple and relatively inexpensive task of finding a single flaw to exploit in systems that are comprised for the most part of unhardened software; defenders, on the other hand, are required to anticipate and deny every possible attack – a goal difficult and expensive to achieve. A capability for hardening software applications automatically would improve these economics, but achieving that goal will require significant advances in static and dynamic program analysis, transformation, and monitoring beyond today’s best practices.
“GrammaTech’s research teams continue to push the boundary of what is possible in the automation of software security,” said Tim Teitelbaum, GrammaTech CEO. “This is a great accomplishment for GrammaTech, David Melski, our VP of Research and leader of the TECHx team, and everyone who participated in the creation of the TECHx technologies here and at the University of Virginia.”
GrammaTech will continue working over the next year to prepare for the final event, which will be held in August 2016 in conjunction with Def Con in Las Vegas.
About GrammaTech:
GrammaTech tools are used by software developers worldwide, spanning a myriad of software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Born from research carried out at Cornell University, GrammaTech is now a leading research center for software security and a commercial vendor of software-assurance tools and advanced cybersecurity solutions. With both static and dynamic analysis tools that analyze source code as well as machine code, GrammaTech continues to advance the science of software analysis, providing technology for developers to produce safer and more secure software.